Data used in open-source intelligence (OSINT) is obtained from open sources. Potential sources of OSINT data include social media, the deep web, WHOIS and DNS records, as well as other open data sources.
A ping scan takes place exclusively within a local area network (LAN) and is not disclosed to the general public. Consequently, a ping scan is not an OSINT source.
A hierarchical chain of trust model, which includes a minimum of three key elements, is often the foundation of a public key infrastructure (PKI).
To bind a public key to a particular entity, certificate authorities (CAs), at the top of the model, issue certificates.
User requests for digital certificates are checked by registration authorities (RAs).
Management of central directories and distribution - Maintains and manages the issued certificates.
In the bit splitting process, data is divided into smaller chunks, encrypted, and distributed across various storage locations. The data is meaningless if a threat actor compromises just one location.
Key escrow is the process of keeping an encryption key with a third party so that it can be produced when requests for decryption are made.
A stream cipher encrypts data byte by byte or bit by bit.
Building a management layer to help implement control over an app without actually changing it is called "application wrapping."
Threat hunting is the process of finding threats and problems that less proactive security tools and processes do not find. Threat hunting aids in the discovery of threats that tools such as signature-based scanners may overlook.
Malware scanning is the technique of checking an endpoint for malicious software. It does not cover all of the activities listed in the question.
Port scanning is the process of checking which network ports are open on an endpoint. It does not cover all of the activities listed in the question.
Understanding a threat's intricate workings will help you reduce its potential impact and exposure.
RTBH (remotely triggered black hole) filtering is a router security method that modifies routing tables to block undesirable traffic before it reaches a destination network. DDoS (distributed denial of service) attacks on network devices can be avoided with the use of RTBH filtering.
Many Cisco devices have a feature called port security that restricts ingress traffic on a port to a certain MAC address. This layer 2 (data link layer) feature has no immediate effect on routing tables.
A reverse proxy receives connections and then passes them to the origin server.
Multihoming is the approach of implementing multiple network connections on a single endpoint or network device.
Blocks are chained together in cipher block chaining (CBC) because every resultant 64-bit ciphertext block is applied to the following block. CBC is considered an improvement over ECB, in part because it addresses the issues caused by ECB's requirement to encrypt each block of plaintext individually (which can leak information about the underlying data to eavesdroppers).
CBC is one of the cipher modes that can be used with the Advanced Encryption Standard (AES), a type of block cipher; however, AES is not itself a cipher mode.
Block ciphering and stream ciphering are both used in cipher feedback (CFB).
Output feedback (OFB): Employs stream ciphering and block ciphering with 8-bit or smaller blocks, and uses the key from the previous keystream to construct the next keystream.
Similar to OFB, counter mode (CTR) uses an incrementing IV counter to make sure that every block is encrypted with a different keystream.
The purpose of directory services is to provide organizational data on users, servers, printers, and other network resources. LDAP is an example of a directory service protocol.
A federation is a collection of domains that have mutual trust.
Peering is a method of directly linking two networks.
STARTTLS is a command used to begin encrypted network communications.